CVE-2020-20988

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-20988
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-20988.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-20988
Published
2021-08-12T22:15:07.480Z
Modified
2025-11-14T10:55:30.251615Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

A cross site scripting (XSS) vulnerability in the /domains/cost-by-owner.php component of Domainmod 4.13 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the "or Expiring Between" parameter.

References

Affected packages

Git / github.com/domainmod/domainmod

Affected ranges

Type
GIT
Repo
https://github.com/domainmod/domainmod
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c2902928f5f408ec833012a01124658f49fe9ca2

Affected versions

v0.*

v0.1.0
v0.10.0
v0.11.0
v0.11.1
v0.11.2
v0.12.0
v0.13.0
v0.14.0
v0.14.1
v0.15.0
v0.15.1
v0.15.2
v0.16.0
v0.16.1
v0.17.0
v0.18.0
v0.18.1
v0.18.2
v0.18.3
v0.19.0
v0.19.1
v0.19.2
v0.19.3
v0.19.4
v0.2.0
v0.20.0
v0.20.1
v0.20.2
v0.21.0
v0.21.1
v0.21.2
v0.21.3
v0.21.4
v0.21.5
v0.21.6
v0.21.7
v0.21.8
v0.22.0
v0.22.1
v0.22.2
v0.22.3
v0.22.4
v0.22.5
v0.23.0
v0.24.0
v0.24.1
v0.24.2
v0.25.0
v0.25.1
v0.25.2
v0.26.0
v0.26.1
v0.26.2
v0.26.3
v0.26.4
v0.26.5
v0.26.6
v0.27.0
v0.27.1
v0.27.2
v0.27.3
v0.28.0
v0.29.0
v0.3.0
v0.3.1
v0.30.0
v0.30.1
v0.30.2
v0.31.0
v0.31.1
v0.31.2
v0.31.3
v0.31.4
v0.31.5
v0.32.0
v0.32.1
v0.33.0
v0.33.1
v0.33.2
v0.33.3
v0.33.4
v0.33.5
v0.33.6
v0.34.0
v0.34.1
v0.34.2
v0.35.0
v0.36.0
v0.36.1
v0.36.2
v0.36.3
v0.37.0
v0.37.1
v0.38.0
v0.39.0
v0.4.0
v0.4.1
v0.40.0
v0.40.1
v0.40.2
v0.41.0
v0.41.1
v0.41.2
v0.41.3
v0.42.0
v0.43.0
v0.44.0
v0.44.1
v0.44.2
v0.44.3
v0.44.4
v0.44.5
v0.44.6
v0.45.0
v0.45.1
v0.45.2
v0.46.0
v0.47.0
v0.48.0
v0.49.0
v0.5.0
v0.5.1
v0.5.2
v0.50.0
v0.51.0
v0.52.0
v0.53.0
v0.54.0
v0.55.0
v0.55.1
v0.55.2
v0.55.3
v0.56.0
v0.57.0
v0.57.1
v0.58.0
v0.58.1
v0.58.2
v0.59.0
v0.6.0
v0.6.1
v0.60.0
v0.60.1
v0.61.0
v0.61.1
v0.61.2
v0.62.0
v0.63.0
v0.64.0
v0.65.0
v0.66.0
v0.67.0
v0.67.1
v0.68.0
v0.69.0
v0.69.1
v0.7.0
v0.70.0
v0.70.1
v0.70.2
v0.71.0
v0.72.0
v0.73.0
v0.74.0
v0.75.0
v0.76.0
v0.77.0
v0.77.1
v0.78.0
v0.79.0
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.80.0
v0.81.0
v0.82.0
v0.82.1
v0.82.2
v0.82.3
v0.82.4
v0.83.0
v0.84.0
v0.84.1
v0.84.2
v0.85.0
v0.85.1
v0.86.0
v0.87.0
v0.88.0
v0.89.0
v0.9.0
v0.91.0
v0.91.1
v0.91.2
v0.91.3
v0.91.4
v0.91.5
v0.92.0
v0.92.1
v0.92.2
v0.93.0

v3.*

v3.0.0
v3.0.1
v3.0.2
v3.0.3
v3.0.4
v3.0.5
v3.0.6
v3.0.7
v3.0.8
v3.0.9

v4.*

v4.00.000
v4.01.000
v4.01.001
v4.01.002
v4.01.003
v4.01.004
v4.01.005
v4.01.006
v4.01.007
v4.01.008
v4.02.000
v4.02.001
v4.03.000
v4.03.001
v4.03.002
v4.04.000
v4.04.001
v4.05.00
v4.05.01
v4.05.02
v4.05.03
v4.06.00
v4.06.01
v4.07.00
v4.08.00
v4.09.00
v4.09.01
v4.09.02
v4.09.03
v4.10.0
v4.11.0
v4.11.01
v4.12.0
v4.13.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-20988.json"